Network Working Group M. Mealling
Request for Comments: 3404 VeriSign
Obsoletes: 2915, 2168 October 2002
Category: Standards Track
Network Working Group M. Mealling
Request for Comments: 3404 VeriSign
Obsoletes: 2915, 2168 October 2002
Category: Standards Track
Dynamic Delegation Discovery System (DDDS) Part Four: The Uniform Resource Identifiers (URI) Resolution Application
动态委托发现系统(DDDS)第四部分:统一资源标识符(URI)解析应用
Status of this Memo
本备忘录的状况
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2002). All Rights Reserved.
版权所有(C)互联网协会(2002年)。版权所有。
Abstract
摘要
This document describes a specification for taking Uniform Resource Identifiers (URI) and locating an authoritative server for information about that URI. The method used to locate that authoritative server is the Dynamic Delegation Discovery System.
本文档描述了获取统一资源标识符(URI)并定位权威服务器以获取有关该URI的信息的规范。用于定位权威服务器的方法是动态委派发现系统。
This document is part of a series that is specified in "Dynamic Delegation Discovery System (DDDS) Part One: The Comprehensive DDDS" (RFC 3401). It is very important to note that it is impossible to read and understand any document in this series without reading the others.
本文档是“动态委派发现系统(DDDS)第一部分:综合DDDS”(RFC 3401)中指定的系列的一部分。需要注意的是,如果不阅读其他文档,就不可能阅读和理解本系列中的任何文档。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3
3. The Distinction between URNs and URIs . . . . . . . . . . . 3
4. The URI and URN Resolution Application Specifications . . . 4
4.1 Application Unique String . . . . . . . . . . . . . . . . . 4
4.2 First Well Known Rule . . . . . . . . . . . . . . . . . . . 4
4.3 Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4.4 Services Parameters . . . . . . . . . . . . . . . . . . . . 5
4.4.1 Services . . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.4.2 protocols . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.4.3 Applicability of Services . . . . . . . . . . . . . . . . . 7
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3
3. The Distinction between URNs and URIs . . . . . . . . . . . 3
4. The URI and URN Resolution Application Specifications . . . 4
4.1 Application Unique String . . . . . . . . . . . . . . . . . 4
4.2 First Well Known Rule . . . . . . . . . . . . . . . . . . . 4
4.3 Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
4.4 Services Parameters . . . . . . . . . . . . . . . . . . . . 5
4.4.1 Services . . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.4.2 protocols . . . . . . . . . . . . . . . . . . . . . . . . . 6
4.4.3 Applicability of Services . . . . . . . . . . . . . . . . . 7
4.5 Valid Databases . . . . . . . . . . . . . . . . . . . . . . 7
5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.1 An example using a URN . . . . . . . . . . . . . . . . . . . 8
5.2 CID URI Scheme Example . . . . . . . . . . . . . . . . . . . 9
5.3 Resolving an HTTP URI Scheme . . . . . . . . . . . . . . . . 11
6. Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . 12
8. Security Considerations . . . . . . . . . . . . . . . . . . 12
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . 13
References . . . . . . . . . . . . . . . . . . . . . . . . . 13
Appendix A: Pseudo Code . . . . . . . . . . . . . . . . . . 15
Author's Address . . . . . . . . . . . . . . . . . . . . . . 17
Full Copyright Statement . . . . . . . . . . . . . . . . . . 18
4.5 Valid Databases . . . . . . . . . . . . . . . . . . . . . . 7
5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 8
5.1 An example using a URN . . . . . . . . . . . . . . . . . . . 8
5.2 CID URI Scheme Example . . . . . . . . . . . . . . . . . . . 9
5.3 Resolving an HTTP URI Scheme . . . . . . . . . . . . . . . . 11
6. Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . 12
8. Security Considerations . . . . . . . . . . . . . . . . . . 12
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . 13
References . . . . . . . . . . . . . . . . . . . . . . . . . 13
Appendix A: Pseudo Code . . . . . . . . . . . . . . . . . . 15
Author's Address . . . . . . . . . . . . . . . . . . . . . . 17
Full Copyright Statement . . . . . . . . . . . . . . . . . . 18
The Dynamic Delegation Discovery System (DDDS) is used to implement lazy binding of strings to data, in order to support dynamically configured delegation systems. The DDDS functions by mapping some unique string to data stored within a DDDS Database by iteratively applying string transformation rules until a terminal condition is reached.
动态委托发现系统(DDDS)用于实现字符串到数据的延迟绑定,以支持动态配置的委托系统。DDDS通过迭代应用字符串转换规则将某些唯一字符串映射到DDDS数据库中存储的数据,直到达到终端条件为止。
This document describes a DDDS Application for resolving Uniform Resource Identifiers (URI). It does not define the DDDS Algorithm or a Database. The entire series of documents that do so are specified in "Dynamic Delegation Discovery System (DDDS) Part One: The Comprehensive DDDS" (RFC 3401) [1]. It is very important to note that it is impossible to read and understand any document in that series without reading the related documents.
本文档描述用于解析统一资源标识符(URI)的DDDS应用程序。它没有定义DDDS算法或数据库。“动态委托发现系统(DDDS)第一部分:综合DDDS”(RFC 3401)[1]中规定了实现此目的的整个系列文档。必须注意的是,如果不阅读相关文档,就不可能阅读和理解该系列中的任何文档。
Uniform Resource Identifiers (URI) have been a significant advance in retrieving Internet-accessible resources. However, their brittle nature over time has been recognized for several years. The Uniform Resource Identifier working group proposed the development of Uniform Resource Names (URN) [8] to serve as persistent, location-independent identifiers for Internet resources in order to overcome most of the problems with URIs. RFC 1737 [6] sets forth requirements on URNs.
统一资源标识符(URI)是检索Internet可访问资源的一个重大进步。然而,随着时间的推移,它们的脆性已经被认识了好几年。统一资源标识符工作组建议开发统一资源名称(URN)[8],作为互联网资源的持久、位置独立标识符,以克服URI的大部分问题。RFC 1737[6]规定了骨灰盒的要求。
During the lifetime of the URI-WG, a number of URN proposals were generated. The developers of several of those proposals met in a series of meetings, resulting in a compromise known as the Knoxville framework. The major principle behind the Knoxville framework is that the resolution system must be separate from the way names are assigned. This is in marked contrast to most URIs, which identify the host to contact and the protocol to use. Readers are referred to [7] for background on the Knoxville framework and for additional information on the context and purpose of this proposal.
在URI-WG的生命周期内,生成了许多URN提案。其中几个提案的开发者在一系列会议上会面,最终达成了一个被称为Knoxville框架的折衷方案。诺克斯维尔框架背后的主要原则是,解析系统必须与名称分配方式分开。这与大多数URI形成鲜明对比,后者标识要联系的主机和要使用的协议。读者可参考[7]了解诺克斯维尔框架的背景以及本提案的背景和目的的更多信息。
Separating the way names are resolved from the way they are constructed provides several benefits. It allows multiple naming approaches and resolution approaches to compete, as it allows different protocols and resolvers to be used. There is just one problem with such a separation - how do we resolve a name when it can't give us directions to its resolver?
将名称的解析方式与它们的构造方式分开有几个好处。它允许多种命名方法和解析方法竞争,因为它允许使用不同的协议和解析程序。这种分离只存在一个问题——当名称不能为我们提供指向其解析程序的方向时,我们如何解析名称?
For the short term, the Domain Name System (DNS) is the obvious candidate for the resolution framework, since it is widely deployed and understood. However, it is not appropriate to use DNS to maintain information on a per-resource basis. First of all, DNS was never intended to handle that many records. Second, the limited record size is inappropriate for catalog information. Third, domain names are not appropriate as URNs.
就短期而言,域名系统(DNS)显然是解决框架的候选方案,因为它被广泛部署和理解。但是,使用DNS以每种资源为基础维护信息是不合适的。首先,DNS从未打算处理这么多记录。其次,有限的记录大小不适合目录信息。第三,域名不适合作为URN。
Therefore our approach is to use the DDDS to locate "resolvers" that can provide information on individual resources, potentially including the resource itself. To accomplish this, we "rewrite" the URI into a Key following the rules found in the DDDS. This document describes URI Resolution as an application of the DDDS and specifies the use of at least one Database based on DNS.
因此,我们的方法是使用DDD定位“解析器”,该解析器可以提供有关单个资源的信息,可能包括资源本身。为了实现这一点,我们按照DDDS中的规则将URI“重写”为一个键。本文档将URI解析描述为DDDS的应用程序,并指定至少一个基于DNS的数据库的使用。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不得”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119中的说明进行解释。
All capitalized terms are taken from the vocabulary found in the DDDS algorithm specification found in RFC 3403 [3].
所有大写术语均取自RFC 3403[3]中DDDS算法规范中的词汇表。
From the point of view of this system, there is no theoretical difference between resolving URIs in the general case and URNs in the specific case. Operationally however, there is a difference that stems from URI resolution possibly not becoming of widespread use. If URN resolution is collapsed into generic URI resolution, URNs may suffer by the lack of adoption of URI resolution.
从该系统的角度来看,在一般情况下解析URI与在特定情况下解析URN之间没有理论上的区别。然而,在操作上,URI解析可能没有得到广泛使用,这就产生了一个差异。如果URN解析被压缩为通用URI解析,URN可能会因未采用URI解析而受到影响。
The solution is to allow for shortcutting for URN resolution. In the following specification generic URI resolution starts by inserting rules for known URI schemes into the 'uri.arpa.' registry. For the 'URN:' URI scheme, one of the rules found in 'uri.arpa.' would be for the 'urn' URI scheme. This rule would simply delegate to the 'urn.arpa.' zone for additional NAPTRs based on the URN namespace. Essentially, the URI Resolution Rewrite Rule for 'URN:' is the URN Resolution Application's First Well Known Rule.
解决方案是考虑到URN分辨率的快捷方式。在以下规范中,通用URI解析首先将已知URI方案的规则插入“URI.arpa.”注册表。对于'URN:'URI方案,在'URI.arpa'中找到的规则之一将用于'URN'URI方案。此规则将简单地委托给“urn.arpa.”区域,用于基于urn命名空间的其他NAPTR。本质上,“URN:”的URI解析重写规则是URN解析应用程序的第一条众所周知的规则。
Therefore, this document specifies two DDDS Applications. One is for URI Resolution and the other is for URN Resolution. Both are technically identical but by separating the two URN Resolution can still proceed without the dependency.
因此,本文件规定了两种DDDS应用。一个用于URI解析,另一个用于URN解析。两者在技术上完全相同,但通过分离两个URN,仍然可以在没有依赖关系的情况下继续进行解析。
This template defines the URI and URN Resolution DDDS Application according to the rules and requirements found in [3]. The DDDS database used by this Application is found in [4] which is the document that defines the Naming Authority Pointer (NAPTR) DNS Resource Record (RR) type.
此模板根据[3]中的规则和要求定义URI和URN解析DDDS应用程序。此应用程序使用的DDDS数据库位于[4]中,该文档定义了命名机构指针(NAPTR)DNS资源记录(RR)类型。
The Application Unique String is the URI or URN for which an authoritative server is being located. This URI or URN MUST be canonicalized and hex encoded according to the "absolute-uri" production found in the Collected ABNF from RFC 2396 [15].
应用程序唯一字符串是权威服务器所在的URI或URN。此URI或URN必须根据从RFC 2396收集的ABNF中找到的“绝对URI”产品进行规范化和十六进制编码[15]。
In the URI case, the first known key is created by taking the URI scheme. In the URN case, the first known key is the Namespace Identifier. For example, the URI 'http://www.example.com/' would have a 'http' as its Key. The URN 'urn:foo:foospace' would have 'foo' as its first Key.
在URI的情况下,通过采用URI方案创建第一个已知密钥。在URN的情况下,第一个已知的键是名称空间标识符。例如,URI的http://www.example.com/'将有一个“http”作为其密钥。URN'URN:foo:foospace'的第一个键是'foo'。
At this time only four flags, "S", "A", "U", and "P", are defined. The "S", "A" and "U" flags are for a terminal lookup. This means that the Rule is the last one and that the flag determines what the next stage should be. The "S" flag means that the output of this Rule is a domain-name for which one or more SRV [9] records exist. See Section 5 for additional information on how URI and URN Resolution use the SRV record type. "A" means that the output of the Rule is a domain-name and should be used to lookup either A, AAAA, or A6 records for that domain. The "U" flag means that the output of the Rule is a URI [15].
此时仅定义了四个标志“S”、“A”、“U”和“P”。“S”、“A”和“U”标志用于终端查找。这意味着规则是最后一个,标志决定下一个阶段应该是什么。“S”标志表示此规则的输出是存在一个或多个SRV[9]记录的域名。有关URI和URN解析如何使用SRV记录类型的更多信息,请参见第5节。“A”表示规则的输出是域名,应用于查找该域的A、AAAA或A6记录。“U”标志意味着规则的输出是一个URI[15]。
The "P" flag says that the remainder of the DDDS Algorithm is ignored and that the rest of the process is application specific and outside the scope of this document. An application can use the Protocol part found in the Services field to identify which Application specific set of rules that should be followed next. The record that contains the 'P' flag is the last record that is interpreted by the rules in this document. One might think that this would also make the "P"
“P”标志表示DDDS算法的其余部分被忽略,流程的其余部分是特定于应用程序的,不在本文档的范围内。应用程序可以使用在“服务”字段中找到的协议部分来标识下一步应该遵循的特定于应用程序的规则集。包含“P”标志的记录是由本文档中的规则解释的最后一条记录。有人可能会认为这也会使“P”
flag an indicator of a terminal lookup but this would be incorrect since a "terminal" Rule is a DDDS concept and this flag indicates that anything after this rule does not adhere to DDDS concepts at all.
标记终端查找的指示符,但这是不正确的,因为“终端”规则是DDDS概念,此标记表示此规则之后的任何内容都不符合DDDS概念。
The remaining alphabetic flags are reserved for future versions of this specification. The numeric flags may be used for local experimentation. The S, A, U and P flags are all mutually exclusive, and resolution libraries MAY signal an error if more than one is given. (Experimental code and code for assisting in the creation of Rewrite Rules would be more likely to signal such an error than a client such as a browser.) It is anticipated that multiple flags will be allowed in the future, so implementers MUST NOT assume that the flags field can only contain 0 or 1 characters. Finally, if a client encounters a record with an unknown flag, it MUST ignore it and move to the next Rule. This test takes precedence over any ordering since flags can control the interpretation placed on fields. A novel flag might change the interpretation of the regexp and/or replacement fields such that it is impossible to determine if a record matched a given target.
其余的字母标志保留给本规范的未来版本。数字标志可用于本地实验。S、A、U和P标志都是互斥的,如果给出了多个标志,则分辨率库可能会发出错误信号。(实验代码和用于帮助创建重写规则的代码比客户端(如浏览器)更可能发出此类错误的信号。)预计未来将允许使用多个标志,因此实现者不得假设标志字段只能包含0或1个字符。最后,如果客户机遇到具有未知标志的记录,它必须忽略该记录并移动到下一个规则。此测试优先于任何顺序,因为标志可以控制放置在字段上的解释。新标志可能会更改regexp和/或替换字段的解释,从而无法确定记录是否与给定目标匹配。
The "S", "A", and "U" flags are called 'terminal' flags since they halt the looping DDDS algorithm. If those flags are not present, clients may assume that another Rule exists at the Key produced by the current Rewrite Rule.
“S”、“A”和“U”标志称为“终端”标志,因为它们停止循环DDDS算法。如果这些标志不存在,客户端可能会认为当前重写规则生成的密钥处存在另一个规则。
Service Parameters for this Application take the form of a string of characters that follow this ABNF:
此应用程序的服务参数采用以下ABNF后面的字符串形式:
service_field = [ [protocol] *("+" rs)]
protocol = ALPHA *31ALPHANUM
rs = ALPHA *31ALPHANUM
; The protocol and rs fields are limited to 32
; characters and must start with an alphabetic.
service_field = [ [protocol] *("+" rs)]
protocol = ALPHA *31ALPHANUM
rs = ALPHA *31ALPHANUM
; The protocol and rs fields are limited to 32
; characters and must start with an alphabetic.
In other words, an optional protocol specification followed by 0 or more resolution services. Each resolution service is indicated by an initial '+' character.
换句话说,一个可选协议规范后跟0个或多个解析服务。每个解析服务都由一个初始“+”字符表示。
The empty string is also valid. This will typically be seen at the beginning of a series of Rules, when it is impossible to know what services and protocols will be offered at the end of a particular delegation path.
空字符串也是有效的。这通常出现在一系列规则的开头,此时不可能知道在特定委托路径的末尾将提供哪些服务和协议。
The service identifiers that make up the 'rs' production are generic for both URI and URN resolution since the input value types itself based on the URI scheme. The list of valid services are defined in [11].
构成“rs”产品的服务标识符对于URI和URN解析都是通用的,因为输入值类型本身基于URI方案。[11]中定义了有效服务的列表。
Examples of some of these services are:
这些服务包括:
I2L: given a URI return one URI that identifies a location where the original URI can be found.
I2L:给定一个URI,返回一个URI,该URI标识可以找到原始URI的位置。
I2Ls: given a URI return one or more URIs that identify multiple locations where the original URI can be found.
I2Ls:给定一个URI,返回一个或多个URI,这些URI标识可以找到原始URI的多个位置。
I2R: given a URI return one instance of the resource identified by that URI.
I2R:给定URI,返回该URI标识的资源的一个实例。
I2Rs: given a URI return one or more instances of the resources identified by that URI.
I2Rs:给定URI,返回该URI标识的资源的一个或多个实例。
I2C: given a URI return one instance of a description of that resource.
I2C:给定URI,返回该资源描述的一个实例。
I2N: given a URI return one URN that names the resource (Caution: equality with respect to URNs is non-trivial. See [6] for examples of why.)
I2N:给定URI,返回一个为资源命名的URN(注意:URN的相等性并非无关紧要。有关原因的示例,请参见[6])
The protocol identifiers that are valid for the 'protocol' production MUST be defined by documents that are specific to URI resolution. At present the THTTP [10] protocol is the only such specification.
对于“协议”产品有效的协议标识符必须由特定于URI解析的文档定义。目前,THTTP[10]协议是唯一的此类规范。
It is extremely important to realize that simply specifying any protocol in the services field is insufficient since there are additional semantics surrounding URI resolution that are not defined within the protocols. For example, if Z39.50 were to be specified as a valid protocol it would have to additionally define how it would encode requests for specific services, how the URI is encoded, and what information is returned.
认识到仅仅在服务字段中指定任何协议是不够的,这一点非常重要,因为在协议中没有定义URI解析的附加语义。例如,如果要将Z39.50指定为有效协议,它必须另外定义如何对特定服务的请求进行编码、URI如何编码以及返回什么信息。
Since it is possible for there to be a complex set of possible protocols and services a client application may often need to apply a more complex decision making process to a set of records than simply matching on an ordered list of protocols. For example, if there are 4 rules that are applicable the last one may have a more desirable Service field than the first. But since the client may be satisfied by the first it will never know about the 4th one which may be 'better'.
由于可能存在一组复杂的可能协议和服务,因此客户端应用程序通常需要对一组记录应用更复杂的决策过程,而不仅仅是在协议的有序列表上进行匹配。例如,如果有4条规则适用,则最后一条规则可能比第一条规则具有更理想的服务字段。但由于客户可能会对第一个感到满意,因此它永远不会知道第四个可能“更好”。
To mitigate this the client may want to slightly modify the DDDS algorithm (for this application only!) in order to determine if more applicable protocols/services exist. This can safely be done for this application by using a more complex interaction between steps 3 and 4 of the DDDS algorithm in order to find the optimal path to follow. For example, once a client has found a rule who's Substitution Expression produces a result and who's Service description is acceptable, it may make note of this but continue to look at further rules that apply (all the while adhering to the Order!) in order to find a better one. If none are found it can use the one it made note of.
为了缓解这种情况,客户端可能需要稍微修改DDDS算法(仅适用于此应用!),以确定是否存在更多适用的协议/服务。通过在DDDS算法的步骤3和步骤4之间使用更复杂的交互,可以安全地完成此应用程序,以便找到要遵循的最佳路径。例如,一旦客户机找到了一条规则,谁的替换表达式产生了一个结果,谁的服务描述是可接受的,它可能会注意到这一点,但会继续查看应用的进一步规则(始终遵循顺序!),以便找到更好的规则。如果没有找到,它可以使用它记录的那个。
Keep in mind that in order for this to remain safe, the input to step 3 and the output of step 4 MUST be identical to the basic algorithm. The client software MUST NOT attempt to do this optimization outside a specific set of Rewrite Rules (i.e., across delegation paths).
请记住,为了保持安全,步骤3的输入和步骤4的输出必须与基本算法相同。客户端软件不得尝试在特定重写规则集之外(即,跨委托路径)进行此优化。
At present only one DDDS Database is specified for this Application. "Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database" (RFC 3403) [4] specifies a DDDS Database that uses the NAPTR DNS resource record to contain the rewrite rules. The Keys for this database are encoded as domain-names.
目前,仅为此应用程序指定了一个DDDS数据库。“动态委派发现系统(DDDS)第三部分:域名系统(DNS)数据库”(RFC 3403)[4]指定使用NAPTR DNS资源记录包含重写规则的DDDS数据库。此数据库的密钥编码为域名。
The output of the First Well Known Rule for the URI Resolution Application is the URI's scheme. In order to convert this to a unique key in this Database the string '.uri.arpa.' is appended to the end. This domain-name is used to request NAPTR records which produces new keys in the form of domain-names.
URI解析应用程序的第一条众所周知的规则的输出是URI的方案。为了将其转换为该数据库中的唯一键,字符串“.uri.arpa.”被追加到末尾。此域名用于请求NAPTR记录,该记录以域名的形式生成新密钥。
The output of the First Well Known Rule of the URN Resolution Application is the URN's namespace id. In order to convert this to a unique key in this Database the string '.urn.arpa.' is appended to the end. This domain-name is used to request NAPTR records which produces new keys in the form of domain-names.
URN解析应用程序的第一条众所周知的规则的输出是URN的命名空间id。为了将其转换为此数据库中的唯一键,字符串“.URN.arpa.”被附加到末尾。此域名用于请求NAPTR记录,该记录以域名的形式生成新密钥。
DNS servers MAY interpret Flag values and use that information to include appropriate SRV and A records in the Additional Information portion of the DNS packet. Clients are encouraged to check for additional information but are not required to do so. See the Additional Information Processing section of RFC 3404 for more information on NAPTR records and the Additional Information section of a DNS response packet.
DNS服务器可以解释标志值并使用该信息在DNS分组的附加信息部分中包括适当的SRV和A记录。鼓励客户查看更多信息,但不要求客户查看。有关NAPTR记录和DNS响应数据包的附加信息部分的更多信息,请参阅RFC 3404的附加信息处理部分。
The character set used to encode the substitution expression is UTF-8. The allowed input characters are all those characters that are allowed anywhere in a URI. The characters allowed to be in a Key are those that are currently defined for DNS domain-names. The "i" flag to the substitution expression is used to denote that, where appropriate for the code points in question, any matches should be done in a case-insensitive way.
用于编码替换表达式的字符集是UTF-8。允许的输入字符是URI中任何位置允许的所有字符。密钥中允许的字符是当前为DNS域名定义的字符。替换表达式的“i”标志用于表示,在适用于所讨论的代码点的情况下,任何匹配都应以不区分大小写的方式进行。
Consider a URN that uses the hypothetical FOO namespace. FOO numbers are identifiers for approximately 30 million registered businesses around the world, assigned and maintained by Fred, Otto and Orvil, Inc. The URN might look like:
考虑使用假设的FoO命名空间的URN。FOO编号是全世界约3000万注册企业的标识符,由Fred、Otto和Orvil,Inc.分配和维护。URN可能如下所示:
urn:foo:002372413:annual-report-1997
urn:foo:002372413:annual-report-1997
The first step in the resolution process is to find out about the FOO namespace. The namespace identifier [8], "foo", is extracted from the URN and prepended to '.urn.arpa.', producing 'foo.urn.arpa.'. The DNS is queried for NAPTR records for this domain which produces the following results:
解析过程的第一步是了解FOO名称空间。命名空间标识符[8]“foo”是从URN中提取出来的,并在“.URN.arpa.”前面加上前缀,生成“foo.URN.arpa.”。查询DNS以查找此域的NAPTR记录,这将产生以下结果:
foo.urn.arpa. ;; order pref flags service regexp replacement IN NAPTR 100 10 "s" "foolink+I2L+I2C" "" foolink.udp.example.com. IN NAPTR 100 20 "s" "rcds+I2C" "" rcds.udp.example.com. IN NAPTR 100 30 "s" "thttp+I2L+I2C+I2R" "" thttp.tcp.example.com.
foo.urn.arpa;;order pref flags service regexp replacement位于NAPTR 100 10“s”“傻瓜链接+I2L+I2C”“”傻瓜链接.udp.example.com中。在NAPTR 100 20“s”“rcds+I2C”“rcds.udp.example.com中。在NAPTR 100 30“s”thttp+I2L+I2C+I2R“thttp.tcp.example.com中。
The order field contains equal values, indicating that no order has to be followed. The preference field indicates that the provider would like clients to use the special 'foolink' protocol, followed by the RCDS protocol, and that THTTP is offered as a last resort. All the records specify the "s" flag which means that the record is terminal and that the next step is to retrieve an SRV record from DNS for the given domain-name.
order字段包含相等的值,表示无需遵循任何顺序。首选项字段表示提供商希望客户使用特殊的“傻瓜链接”协议,然后是RCDS协议,并且THTTP是作为最后手段提供的。所有记录都指定“s”标志,这意味着该记录是终端记录,下一步是从DNS检索给定域名的SRV记录。
The service fields say that if we speak of foolink, we will be able to issue either the I2L, I2C or I2R requests to obtain a URI or ask some complicated questions about the resource. The Resource Cataloging and Distribution Service (RCDS) [12] could be used to get some metadata for the resource, while THTTP could be used to get a URI for the current location of the resource.
服务字段表示,如果我们谈到傻瓜链接,我们将能够发出I2L、I2C或I2R请求以获取URI或询问有关资源的一些复杂问题。资源编目和分发服务(RCDS)[12]可用于获取资源的一些元数据,而THTTP可用于获取资源当前位置的URI。
Assuming our client does not know the foolink protocol but does know the RCDS protocol, our next action is to lookup SRV RRs for rcds.udp.example.com, which will tell us hosts that can provide the necessary resolution service. That lookup might return:
假设我们的客户端不知道傻瓜链接协议,但知道RCDS协议,我们的下一步操作是查找RCDS.udp.example.com的SRV RRs,这将告诉我们可以提供必要的解析服务的主机。该查找可能会返回:
;; Pref Weight Port Target rcds.udp.example.com IN SRV 0 0 1000 deffoo.example.com. IN SRV 0 0 1000 dbexample.com.au. IN SRV 0 0 1000 ukexample.com.uk.
;; SRV 0 0 1000 deffoo.example.com中的Pref Weight Port Target rcds.udp.example.com。在SRV 0 0 1000 dbexample.com.au中。在SRV 0 0 1000 ukexample.com.uk中。
telling us three hosts that could actually do the resolution, and giving us the port we should use to talk to their RCDS server. (The reader is referred to the SRV specification [9] for the interpretation of the fields above.)
告诉我们三台主机实际上可以进行解析,并给我们应该用来与他们的RCDS服务器通信的端口。(读者可参考SRV规范[9]了解上述字段的解释。)
There is opportunity for significant optimization here. RFC 3404 defines that Additional Information section may be available. In this case the the SRV records may be returned as additional information for terminal NAPTRs lookups (as well as the A records for those SRVs). This is a significant optimization. In conjunction with a long TTL for *.urn.arpa. records, the average number of probes to DNS for resolving most URIs would approach one.
这里有进行重大优化的机会。RFC 3404定义了附加信息部分可能可用。在这种情况下,可以返回SRV记录作为终端NAPTRs查找的附加信息(以及这些SRV的A记录)。这是一个重要的优化。与*.urn.arpa的长TTL结合使用。记录,用于解析大多数URI的DNS探测的平均数量将接近一个。
Note that the example NAPTR records above are intended to represent the result of a NAPTR lookup using some client software like nslookup; zone administrators should consult the documentation accompanying their domain name servers to verify the precise syntax they should use for zone files.
请注意,上面的示例NAPTR记录旨在表示使用某些客户端软件(如nslookup)进行NAPTR查找的结果;区域管理员应查阅其域名服务器附带的文档,以验证其应用于区域文件的精确语法。
Also note that there could have been an additional first step where the URN was resolved as a generic URI by looking up urn.uri.arpa. The resulting rule would have specified that the NID be extracted from the URN and '.urn.arpa.' appended to it resulting in the new key 'foo.urn.arpa.' which is the first step from above.
还请注意,可能还有一个额外的第一步,即通过查找URN.URI.arpa将URN解析为通用URI。生成的规则将指定从URN中提取NID,并将“.URN.arpa.”附加到其中,从而生成新密钥“foo.URN.arpa.”,这是上面的第一步。
Consider a URI scheme based on MIME Content-Ids. The URI might look like this:
考虑基于MIME内容ID的URI方案。URI可能如下所示:
cid:199606121851.1@bar.example.com
cid:199606121851。1@bar.example.com
(Note that this example is chosen for pedagogical purposes, and does not conform to the CID URI scheme.)
(请注意,选择此示例是出于教学目的,不符合CID URI方案。)
The first step in the resolution process is to find out about the CID scheme. The scheme is extracted from the URI, prepended to '.uri.arpa.', and the NAPTR for 'cid.uri.arpa.' looked up in the DNS. It might return records of the form:
解析过程的第一步是了解CID方案。该方案从URI中提取,前缀为“.URI.arpa.”,并从DNS中查找“cid.URI.arpa.”的NAPTR。它可能会返回以下表单的记录:
cid.uri.arpa. ;; order pref flags service regexp replacement IN NAPTR 100 10 "" "" "!^cid:.+@([^\.]+\.)(.*)$!\2!i" .
cid.uri.arpa;;订单预处理标志NAPTR 100 10“”中的服务regexp替换!^cid:.+@([^\.]+\)(.*)$!\2!i”。
Since there is only one record, ordering the responses is not a problem. The replacement field is empty, so the pattern provided in the regexp field is used. We apply that regexp to the entire URI to see if it matches, which it does. The \2 part of the substitution expression returns the string "example.com". Since the flags field is empty, the lookup is not terminal and our next probe to DNS is for more NAPTR records where the new domain is 'example.com'.
因为只有一条记录,所以排序响应不是问题。替换字段为空,因此使用regexp字段中提供的模式。我们将该regexp应用于整个URI,以查看它是否匹配,它确实匹配。替换表达式的\2部分返回字符串“example.com”。由于flags字段为空,因此查找不是终端,我们对DNS的下一个探测是查找更多NAPTR记录,其中新域为“example.com”。
Note that the rule does not extract the full domain name from the CID, instead it assumes the CID comes from a host and extracts its domain. While all hosts, such as 'bar', could have their very own NAPTR, maintaining those records for all the machines at a site could be an intolerable burden. Wildcards are not appropriate here since they only return results when there is no exactly matching names already in the system.
请注意,该规则不会从CID中提取完整域名,而是假定CID来自主机并提取其域。虽然所有主机(如“bar”)都可以有自己的NAPTR,但维护站点中所有机器的记录可能是一个无法忍受的负担。通配符在这里不合适,因为它们仅在系统中没有完全匹配的名称时返回结果。
The record returned from the query on "example.com" might look like:
从“example.com”上的查询返回的记录可能如下所示:
example.com. ;; order pref flags service regexp replacement IN NAPTR 100 50 "s" "z3950+I2L+I2C" "" z3950.tcp.example.com. IN NAPTR 100 50 "s" "rescap+I2C" "" rescap.udp.example.com. IN NAPTR 100 50 "s" "thttp+I2L+I2C+I2R" "" thttp.tcp.example.com.
example.com;;order pref标志NAPTR 100 50“s”“z3950+I2L+I2C”“z3950.tcp.example.com中的服务regexp替换。在NAPTR 100 50“s”rescap+I2C“rescap.udp.example.com中。在NAPTR 100 50“s”thttp+I2L+I2C+I2R“thttp.tcp.example.com中。
Continuing with the example, note that the values of the order fields are equal for all records, so the client is free to pick any record. The Application defines the flag 's' to mean a terminal lookup and that the output of the rewrite will be a domain-name for which an SRV record should be queried. Once the client has done that, it has the following information: the host, port, the protocol, and the services available via that protocol. Given these bits of information the client has enough to be able to contact that server and ask it questions about the cid URI.
继续示例,请注意,对于所有记录,订单字段的值都是相等的,因此客户机可以自由选择任何记录。应用程序将标志“s”定义为表示终端查找,并且重写的输出将是一个应查询SRV记录的域名。一旦客户机完成了这项工作,它就拥有以下信息:主机、端口、协议以及通过该协议可用的服务。给定这些信息,客户机就有足够的能力联系该服务器并向其询问有关cid URI的问题。
Recall that the regular expression used \2 to extract a domain name from the CID, and \. for matching the literal '.' characters separating the domain name components. Since '\' is the escape character, literal occurrences of a backslash must be escaped by another backslash. For the case of the cid.uri.arpa record above, the regular expression entered into the master file should be "!^cid:.+@([^\\.]+\\.)(.*)$!\\2!i". When the client code actually receives the record, the pattern will have been converted to "!^cid:.+@([^\.]+\.)(.*)$!\2!i".
回想一下,正则表达式使用\2从CID中提取域名,以及\。用于匹配分隔域名组件的文本“.”字符。由于“\”是转义字符,因此反斜杠的文字引用必须由另一个反斜杠转义。对于上面的cid.uri.arpa记录,输入主文件的正则表达式应为“!^cid:.+@([^\.]+\\)(.*)$!\\2!i”。当客户机代码实际收到记录时,模式将被转换为“!^cid:.+@([^\.]+\)(.*)$!\2!i”。
Even if URN systems were in place now, there would still be a tremendous number of host based URIs. It should be possible to develop a URI resolution system that can also provide location independence for those URIs.
即使现在有了URN系统,仍然会有大量基于主机的uri。应该可以开发一个URI解析系统,该系统还可以为这些URI提供位置独立性。
Assume we have the URI for a very popular piece of software that the publisher wishes to mirror at multiple sites around the world:
假设我们有一个非常流行的软件的URI,发布者希望在世界各地的多个站点镜像该软件:
http://www.example.com/software/latest-beta.exe
http://www.example.com/software/latest-beta.exe
We extract the prefix, "http", and lookup NAPTR records for 'http.uri.arpa.'. This might return a record of the form:
我们提取前缀“http”,并查找“http.uri.arpa”的NAPTR记录。这可能会返回以下表单的记录:
http.uri.arpa. IN NAPTR ;; order pref flags service regexp replacement 100 90 "" "" "!^http://([^/:]+)!1!i" .
http.uri.arpa。在NAPTR;;order pref flags service regexp replacement 100 90“”!^http:/([^/:]+)!1!i”。
This expression returns everything after the first double slash and before the next slash or colon. (We use the '!' character to delimit the parts of the substitution expression. Otherwise we would have to use backslashes to escape the forward slashes, and would have a regexp in the zone file that looked like this: "/^http:\\/\\/([^\\/:]+)/\\1/i").
此表达式返回第一个双斜杠之后和下一个斜杠或冒号之前的所有内容。(我们使用“!”字符来分隔替换表达式的各个部分。否则,我们将不得不使用反斜杠来转义正斜杠,并且区域文件中的regexp如下所示:“/^http:\/\\/([^\\/:]+)/\\1/i”)。
Applying this pattern to the URI extracts "www.example.com". Looking up NAPTR records for that might return:
将此模式应用于URI提取“www.example.com”。查找可能返回的NAPTR记录:
www.example.com. ;; order pref flags service regexp replacement IN NAPTR 100 100 "s" "thttp+L2R" "" thttp.example.com. IN NAPTR 100 100 "s" "ftp+L2R" "" ftp.example.com.
www.example.com;;在NAPTR 100 100“s”“thttp+L2R”“thttp.example.com中订购pref标志服务regexp替换。在NAPTR 100 100“s”ftp+L2R“ftp.example.com中。
Looking up SRV records for thttp.example.com would return information on the hosts that example.com has designated to be its mirror sites. The client can then pick one for the user.
查找thttp.example.com的SRV记录将返回example.com指定为其镜像站点的主机的信息。然后,客户端可以为用户选择一个。
o Registration procedures for the 'urn.arpa.' and 'uri.arpa.' DNS zones are specified in "Dynamic Delegation Discovery System (DDDS) Part Five: URI.ARPA Assignment Procedures" (RFC 3405 [5].
o “动态委派发现系统(DDDS)第五部分:uri.arpa分配程序”(RFC 3405[5])中规定了“urn.arpa.”和“uri.arpa.”DNS区域的注册程序。
o If a record at a particular order matches the URI, but the client doesn't know the specified protocol and service, the client SHOULD continue to examine records that have the same order. The client MUST NOT consider records with a higher value of order. This is necessary to make delegation of portions of the namespace work. The order field is what lets site administrators say "all requests for URIs matching pattern x go to server 1, all others go to server 2".
o 如果特定顺序的记录与URI匹配,但客户端不知道指定的协议和服务,则客户端应继续检查具有相同顺序的记录。客户端不能考虑具有更高的订单值的记录。这是使命名空间部分的委派工作正常所必需的。order字段允许站点管理员说“所有与模式x匹配的URI请求转到服务器1,所有其他请求转到服务器2”。
o Note that SRV RRs impose additional requirements on clients.
o 请注意,SRV RRs对客户提出了附加要求。
The use of the "urn.arpa." and "uri.arpa." zones requires registration policies and procedures to be followed and for the operation of those DNS zones to be maintained. These policies and procedures are spelled out in a "Dynamic Delegation Discovery System (DDDS) Part Five: URI.ARPA Assignment Procedures (RFC 3405)" [5]. The operation of those zones imposes operational and administrative responsibilities on the IANA.
使用“urn.arpa.”和“uri.arpa.”区域需要遵循注册策略和程序,并维护这些DNS区域的操作。这些策略和过程在“动态委派发现系统(DDDS)第五部分:URI.ARPA分配过程(RFC 3405)”中有详细说明[5]。这些区域的运营将运营和管理责任强加给IANA。
The registration method used for values in the Services and Flags fields is for a specification to be approved by the IESG and published as either an Informational or standards track RFC.
服务和标志字段中的值使用的注册方法适用于IESG批准的规范,并作为信息性或标准跟踪RFC发布。
The registration policies for URIs is found in RFC 2717 [17]. URN NID registration policies are found in RFC 2611 [16].
URI的注册策略见RFC 2717[17]。URN NID注册策略见RFC 2611[16]。
The use of "urn.arpa." and "uri.arpa." as the registry for namespaces is subject to denial of service attacks, as well as other DNS spoofing attacks. The interactions with DNSSEC are currently being studied. It is expected that NAPTR records will be signed with SIG records once the DNSSEC work is deployed.
使用“urn.arpa.”和“uri.arpa.”作为名称空间的注册表会受到拒绝服务攻击以及其他DNS欺骗攻击。目前正在研究与DNSSEC的相互作用。预计一旦部署DNSSEC工作,NAPTR记录将与SIG记录一起签名。
The rewrite rules make identifiers from other namespaces subject to the same attacks as normal domain names. Since they have not been easily resolvable before, this may or may not be considered a problem.
重写规则使来自其他名称空间的标识符受到与普通域名相同的攻击。由于它们以前不容易解决,这可能被认为是问题,也可能不被认为是问题。
Regular expressions should be checked for sanity, not blindly passed to something like PERL.
应该检查正则表达式是否健全,而不是盲目地传递给PERL之类的东西。
This document has discussed a way of locating a resolver, but has not discussed any detail of how the communication with the resolver takes place. There are significant security considerations attached to the communication with a resolver. Those considerations are outside the scope of this document, and must be addressed by the specifications for particular resolver communication protocols.
本文档讨论了定位冲突解决程序的方法,但没有讨论如何与冲突解决程序进行通信的任何细节。与冲突解决程序的通信有重要的安全考虑。这些注意事项不在本文件的范围内,必须通过特定解析器通信协议的规范加以解决。
The editors would like to thank Keith Moore for all his consultations during the development of this document. We would also like to thank Paul Vixie for his assistance in debugging our implementation, and his answers on our questions. Finally, we would like to acknowledge our enormous intellectual debt to the participants in the Knoxville series of meetings, as well as to the participants in the URI and URN working groups.
编辑们要感谢Keith Moore在编写本文件过程中进行的所有咨询。我们还要感谢Paul Vixie在调试我们的实现过程中提供的帮助,以及他对我们问题的回答。最后,我们要感谢我们对诺克斯维尔系列会议与会者以及URI和URN工作组与会者的巨大知识债务。
Specific recognition is given to Ron Daniel who was co-author on the original versions of these documents. His early implementations and clarity of thinking was invaluable in clearing up many of the potential boundary cases.
罗恩·丹尼尔(Ron Daniel)是这些文件原始版本的合著者,对此给予了特别的认可。他早期的实现和清晰的思维对于澄清许多潜在的边界案例是非常宝贵的。
References
工具书类
[1] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part One: The Comprehensive DDDS", RFC 3401, October 2002.
[1] Mealling,M,“动态委托发现系统(DDDS)第一部分:综合DDDS”,RFC 3401,2002年10月。
[2] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part Two: The Algorithm", RFC 3402, October 2002.
[2] Mealling,M.,“动态委托发现系统(DDDS)第二部分:算法”,RFC3402,2002年10月。
[3] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database", RFC 3403, October 2002.
[3] Mealling,M.“动态委托发现系统(DDDS)第三部分:域名系统(DNS)数据库”,RFC3403,2002年10月。
[4] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part Four: The Uniform Resource Identifiers (URI) Resolution Application", RFC 3404, October 2002.
[4] Mealling,M.“动态委托发现系统(DDDS)第四部分:统一资源标识符(URI)解析应用”,RFC3404,2002年10月。
[5] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part Five: URI.ARPA Assignment Procedures", RFC 3405y, October 2002.
[5] Mealling,M.“动态委托发现系统(DDDS)第五部分:URI.ARPA分配过程”,RFC 3405y,2002年10月。
[6] Sollins, K. and L. Masinter, "Functional Requirements for Uniform Resource Names", RFC 1737, December 1994.
[6] Sollins,K.和L.Masinter,“统一资源名称的功能要求”,RFC 1737,1994年12月。
[7] Arms, B., "The URN Implementors, Uniform Resource Names: A Progress Report", D-Lib Magazine, February 1996.
[7] Arms,B.,“URN实现者,统一资源名称:进展报告”,D-Lib杂志,1996年2月。
[8] Moats, R., "URN Syntax", RFC 2141, May 1997.
[8] 护城河,R.,“瓮语法”,RFC 21411997年5月。
[9] Gulbrandsen, A., Vixie, P. and L. Esibov, "A DNS RR for specifying the location of services (DNS SRV)", RFC 2782, February 2000.
[9] Gulbrandsen,A.,Vixie,P.和L.Esibov,“用于指定服务位置(DNS SRV)的DNS RR”,RFC 2782,2000年2月。
[10] Daniel, R., "A Trivial Convention for using HTTP in URN Resolution", RFC 2169, June 1997.
[10] Daniel,R.,“在URN解析中使用HTTP的简单约定”,RFC 2169,1997年6月。
[11] Mealling, M., "URI Resolution Services Necessary for URN Resolution", RFC 2483, January 1999.
[11] Mealling,M.“URN解析所需的URI解析服务”,RFC 2483,1999年1月。
[12] Moore, K., Browne, S., Cox, J. and J. Gettler, "Resource Cataloging and Distribution System", Technical Report CS-97-346, December 1996.
[12] Moore,K.,Browne,S.,Cox,J.和J.Gettler,“资源编目和分发系统”,技术报告CS-97-346,1996年12月。
[13] Sollins, K., "Architectural Principles of Uniform Resource Name Resolution", RFC 2276, January 1998.
[13] Sollins,K.,“统一资源名称解析的体系结构原则”,RFC 2276,1998年1月。
[14] Daniel, R. and M. Mealling, "Resolution of Uniform Resource Identifiers using the Domain Name System", RFC 2168, June 1997.
[14] Daniel,R.和M.Mealling,“使用域名系统解析统一资源标识符”,RFC 2168,1997年6月。
[15] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource Identifiers (URI): Generic Syntax", RFC 2396, August 1998.
[15] Berners Lee,T.,Fielding,R.和L.Masinter,“统一资源标识符(URI):通用语法”,RFC 2396,1998年8月。
[16] Daigle, L., van Gulik, D., Iannella, R. and P. Falstrom, "URN Namespace Definition Mechanisms", RFC 2611, BCP 33, June 1999.
[16] Daigle,L.,van Gulik,D.,Iannella,R.和P.Falstrom,“URN名称空间定义机制”,RFC 2611,BCP 331999年6月。
[17] Petke, R. and I. King, "Registration Procedures for URL Scheme Names", RFC 2717, BCP 35, November 1999.
[17] Petke,R.和I.King,“URL方案名称的注册程序”,RFC 2717,BCP 35,1999年11月。
[18] Mealling, M. and R. Daniel, "The Naming Authority Pointer (NAPTR) DNS Resource Record", RFC 2915, August 2000.
[18] Mealling,M.和R.Daniel,“命名机构指针(NAPTR)DNS资源记录”,RFC 2915,2000年8月。
For the edification of implementers, pseudocode for a client routine using NAPTRs is given below. This code is provided merely as a convenience, it does not have any weight as a standard way to process NAPTR records. Also, as is the case with pseudocode, it has never been executed and may contain logical errors. You have been warned.
为了启发实现者,下面给出了使用NAPTRs的客户机例程的伪代码。提供此代码只是为了方便起见,作为处理NAPTR记录的标准方法,它没有任何份量。此外,与伪代码一样,它从未执行过,并且可能包含逻辑错误。你已经被警告了。
//
// findResolver(URN)
// Given a URN, find a host that can resolve it.
//
findResolver(string URN) {
// prepend prefix to ".urn.arpa."
sprintf(key, "%s.urn.arpa.", extractNS(URN));
do {
rewrite_flag = false;
terminal = false;
if (key has been seen) {
quit with a loop detected error
}
add key to list of "seens"
records = lookup(type=NAPTR, key); // get all NAPTR RRs for 'key'
//
// findResolver(URN)
// Given a URN, find a host that can resolve it.
//
findResolver(string URN) {
// prepend prefix to ".urn.arpa."
sprintf(key, "%s.urn.arpa.", extractNS(URN));
do {
rewrite_flag = false;
terminal = false;
if (key has been seen) {
quit with a loop detected error
}
add key to list of "seens"
records = lookup(type=NAPTR, key); // get all NAPTR RRs for 'key'
discard any records with an unknown value in the "flags" field.
sort NAPTR records by "order" field and "preference" field
(with "order" being more significant than "preference").
n_naptrs = number of NAPTR records in response.
curr_order = records[0].order;
max_order = records[n_naptrs-1].order;
discard any records with an unknown value in the "flags" field.
sort NAPTR records by "order" field and "preference" field
(with "order" being more significant than "preference").
n_naptrs = number of NAPTR records in response.
curr_order = records[0].order;
max_order = records[n_naptrs-1].order;
// Process current batch of NAPTRs according to "order" field.
for (j=0; j < n_naptrs && records[j].order <= max_order; j++) {
if (unknown_flag) // skip this record and go to next one
continue;
newkey = rewrite(URN, naptr[j].replacement, naptr[j].regexp);
if (!newkey) // Skip to next record if the rewrite didn't
match continue;
// We did do a rewrite, shrink max_order to current value
// so that delegation works properly
max_order = naptr[j].order;
// Will we know what to do with the protocol and services
// specified in the NAPTR? If not, try next record.
if(!isKnownProto(naptr[j].services)) {
continue;
}
if(!isKnownService(naptr[j].services)) {
continue;
// Process current batch of NAPTRs according to "order" field.
for (j=0; j < n_naptrs && records[j].order <= max_order; j++) {
if (unknown_flag) // skip this record and go to next one
continue;
newkey = rewrite(URN, naptr[j].replacement, naptr[j].regexp);
if (!newkey) // Skip to next record if the rewrite didn't
match continue;
// We did do a rewrite, shrink max_order to current value
// so that delegation works properly
max_order = naptr[j].order;
// Will we know what to do with the protocol and services
// specified in the NAPTR? If not, try next record.
if(!isKnownProto(naptr[j].services)) {
continue;
}
if(!isKnownService(naptr[j].services)) {
continue;
}
}
// At this point we have a successful rewrite and we will
// know how to speak the protocol and request a known
// resolution service. Before we do the next lookup, check
// the flags to see if we're done.
// Note: it is possible to rewrite this so that this valid
// record could be noted as such but continue on in order
// to find a 'better' record. But that code would be to
// voluminous and application specific to be illustrative.
if (strcasecmp(flags, "S")
|| strcasecmp(flags, "P"))
|| strcasecmp(flags, "A")) {
terminal = true;
services = naptr[j].services;
addnl = any SRV and/or A records returned as additional
info for naptr[j].
}
key = newkey;
rewriteflag = true;
break;
}
} while (rewriteflag && !terminal);
// At this point we have a successful rewrite and we will
// know how to speak the protocol and request a known
// resolution service. Before we do the next lookup, check
// the flags to see if we're done.
// Note: it is possible to rewrite this so that this valid
// record could be noted as such but continue on in order
// to find a 'better' record. But that code would be to
// voluminous and application specific to be illustrative.
if (strcasecmp(flags, "S")
|| strcasecmp(flags, "P"))
|| strcasecmp(flags, "A")) {
terminal = true;
services = naptr[j].services;
addnl = any SRV and/or A records returned as additional
info for naptr[j].
}
key = newkey;
rewriteflag = true;
break;
}
} while (rewriteflag && !terminal);
// Did we not find our way to a resolver?
if (!rewrite_flag) {
report an error
return NULL;
}
// Did we not find our way to a resolver?
if (!rewrite_flag) {
report an error
return NULL;
}
// Leave rest to another protocol?
if (strcasecmp(flags, "P")) {
return key as host to talk to;
}
// Leave rest to another protocol?
if (strcasecmp(flags, "P")) {
return key as host to talk to;
}
// If not, keep plugging
if (!addnl) { // No SRVs came in as additional info, look them up
srvs = lookup(type=SRV, key);
}
// If not, keep plugging
if (!addnl) { // No SRVs came in as additional info, look them up
srvs = lookup(type=SRV, key);
}
sort SRV records by preference, weight, ... for each (SRV record) { // in order of preference try contacting srv[j].target using the protocol and one of the resolution service requests from the "services" field of the last NAPTR record. if (successful) return (target, protocol, service); // Actually we would probably return a result, but this
按首选项、权重等对SRV记录进行排序。。。对于每个(SRV记录){//按照优先顺序尝试联系SRV[j]。使用协议的目标和来自最后一个NAPTR记录的“服务”字段的一个解析服务请求。如果(成功)返回(目标、协议、服务);//实际上我们可能会返回一个结果,但
// code was supposed to just tell us a good host to talk to.
}
die with an "unable to find a host" error;
}
// code was supposed to just tell us a good host to talk to.
}
die with an "unable to find a host" error;
}
Author's Address
作者地址
Michael Mealling VeriSign 21345 Ridgetop Circle Sterling, VA 20166 US
Michael Mealling VeriSign 21345 Ridgetop Circle Sterling,弗吉尼亚州,美国20166
EMail: michael@neonym.net
URI: http://www.verisignlabs.com
EMail: michael@neonym.net
URI: http://www.verisignlabs.com
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2002). All Rights Reserved.
版权所有(C)互联网协会(2002年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。